How to install firewall using ConfigServer Firewall (CSF) on CentOS cPanel server

ConfigServer firewall is a popular linux firewall security suite. It is easy to install, flexible to configure and secure with extra checks. CSF helps to control exactly what traffic is allowed in and out of the server and protect the server from malicious attack.
The CSF installation includes control panel user interface available via WHM and login failure daemon process (lfd) that runs periodically to scan the latest log file entries for login attempts  that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IPs quickly.

So, login to your server via ssh and let’s start CSF installation by retrieving the package files using wget command:

# wget http://configserver.com/free/csf.tgz

Unpack the archive:

# tar xfz csf.tgz

Navigate to the uncomperssed csf directory:

# cd csf

Run the installer:

# sh install.sh

It will create configuration file and add all required cPanel services to allow list. Let’s disable testing mode by editing main CSF configuration file. Open the file using any editor (vi, nano, etc):

# nano /etc/csf/csf.conf

and change

TESTING = “1″

to

TESTING = “0″

When done, restart CSF:

# csf -r

Now CSF is installed and ready. You can simply manage it via cPanel WHM interface WHM > Config Security & Firewall:

You may want to visit “Check server security” page next, allow/block IP addresses, flush blocks, restart login failure daemon and much more.


In case you need to allow/block IP address using command line, the options are pretty simple.

To add your IP address to a permanent allow list:

# csf -a 123.45.67.89

To block the IP:

# csf -d 123.45.67.89

For more information about CSF, see: http://configserver.com/cp/csf.html

 

Was this answer helpful?

 Print this Article

Also Read

Install vnStat Network Traffic Monitor To Keep a Log Of Daily Traffic on CentOS / RHEL

How do I install vnstat software - a console-based network traffic monitor under CentOS or RHEL...

Linux wget: Your Ultimate Command Line Downloader

I t is a common practice to manage UNIX/Linux/BSD servers remotely over the ssh session. You may...

Enable & Install EPEL Repo on CentOS / RHEL / Scientific Linux 6

Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates,...

CentOS Directory Server, Basic Install

Prerequisites This guide is written to assume that you have a minimal install of CentOS-5.x....

CentOS / Red Hat Linux Install VSFTPD FTP Server

Q. How do I configure and install an FTP server in CentOS / RHEL 5 / Fedora Linux...